The chance to get lucky and pick a long, random password is still ridiculously small. The chance to pick admin123 is ridiculously large. You see the difference?
With this logic you could say the chance to hit the lottery jackpot is the same as if the numbers are just 3 digits long. It’s not trying all the possible combinations all at once.
If the password was forced to be a specific length and could not be shorter or longer, it would be the same as that. But they’re not usually forced to be a specific length. They do have bounds, but that also makes it so there are fewer possible combinations to guess.
The chance to get lucky and pick a long, random password is still ridiculously small. The chance to pick admin123 is ridiculously large. You see the difference?
Length doesn’t matter if it’s randomly trying every possible combination. It could just as easily guess the longest possible password as the shortest.
Other methods of attack would be a good reason to make it long and nonsensical; not a random brute force attack.
With this logic you could say the chance to hit the lottery jackpot is the same as if the numbers are just 3 digits long. It’s not trying all the possible combinations all at once.
If the password was forced to be a specific length and could not be shorter or longer, it would be the same as that. But they’re not usually forced to be a specific length. They do have bounds, but that also makes it so there are fewer possible combinations to guess.